Aleksa Sarai
http://linux.conf.au/schedule/present...
Essentially all popular container runtimes require some form of root privileges
in order to create and manage containers. This becomes a problem for certain
systems, where administrators are hesitant to install any software, let alone a
container runtime -- many of which allow for privileged containers without
authentication.
In this talk, Aleksa Sarai will describe recent work done within runC by himself
and other maintainers to allow people to use rootless containers with a
well-supported container runtime, as well as discussing challenges discovered by
this work and kernel work which is being done to alleviate these challenges and
bring a new form of containers to users and developers. In addition, he will
briefly talk about image formats and the management of images without privileges
as well.